Articles

Subdomain Takeover Through Simple Yet Serious Attack

Subdomain Takeover Through Simple Yet Serious Attack

Hackers are always finding new ways to get into your application, email or web server. Most hacking attempts are automated while fishing for known vulnerabilities such as outdated WordPress plugins, old application codes, etc... On the other hand sophisticated attacks are more one on

WordPress REST API Vulnerability Abused in Defacement Campaigns

WordPress REST API Vulnerability Abused in Defacement Campaigns

Website defacement is an attack on a website that changes the visual appearance of the site or a webpage. WordPress included a fix for a severe vulnerability in its REST API two weeks ago with the release of WordPress 4.7.2. How Doe

1 Billion Yahoo Accounts Hacked

1 Billion Yahoo Accounts Hacked

Yahoo stated that its security breach allowed hackers to obtain 1 billion user accounts. Information stolen may include names, email addresses, phone numbers, birthdates and security questions and answers. Yahoo said it will notify affected users, but don't wait! Our Recomme

Critical Zero-Day Vulnerability in WordPress Core Engine

Critical Zero-Day Vulnerability in WordPress Core Engine

Unlike 3rd party vulnerable plugins, WordPress confirmed today that a critical vulnerability in its core content management engine exists. This core security  vulnerability allow hackers to conduct a remote code execution on the Web server it is being hosted on in

Stored XSS Vulnerability in Jetpack Plugin

Stored XSS Vulnerability in Jetpack Plugin

Insecure or outdated plugins have been at the heart of numerous attacks launched at and from compromised WordPress sites. Jetpack plugin was the latest culprit due to the the discovery of stored cross-site scripting (XSS) vulnerability. According to a Sucuri p